package org.xuyuji.web.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class PermissionFilter implements Filter {
	
	private String contextPath;
	
	private String loginUrl;
	
	private List<String> publicResource = new ArrayList<String>();

    public PermissionFilter() {
    	publicResource.add("/login.do");
    }
    
	public void destroy() {
	}

	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest req = (HttpServletRequest)request;
		HttpServletResponse resp = (HttpServletResponse)response;
		
		if(publicResource.contains(req.getServletPath())){
			chain.doFilter(request, response);
		}else{
			if(req.getSession().getAttribute("SESSION_USER") == null){
				resp.sendRedirect(req.getContextPath() + "/pages/overtime.jsp");
			}else{
				chain.doFilter(request, response);
			}
		}
		
	}

	public void init(FilterConfig fConfig) throws ServletException {
		contextPath = fConfig.getServletContext().getContextPath();
		loginUrl = fConfig.getInitParameter("loginUrl");
	}

}
